package com.wfg.myshiro.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * myshiro
 *
 * @Title: com.wfg.myshiro.controller
 * @Date: 2020/12/25 0025 8:23
 * @Author: wfg
 * @Description:
 * @Version:
 */
@Controller
public class TestController {

    @RequestMapping("/")
    public String index(){
        return "login";
    }

    /**
     * 登录方法
     * @return
     */
    @RequestMapping("/login")
    public String login(String username, String password , Model model){
        //获取权限操作对象,一遍进行登录操作
        Subject subject = SecurityUtils.getSubject();
        //进入登录控制器首先进行退出操作,避免shiro有认证信息的缓存
        subject.logout();
        //如果没有进行过登录验证进行登录验证
        if(!subject.isAuthenticated()){
            //如果没有登录,使用用户名和密码设置用户令牌
            UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username,password);

            try {
                //进行登录,这里是有shiro来完成
                subject.login(usernamePasswordToken);
            } catch (UnknownAccountException e) {
                //账号不存在异常
                model.addAttribute("errorMessage","账号不存在");
                return "/login";
            }
            catch (LockedAccountException e) {
                //登录失败会抛出各种异常
                model.addAttribute("errorMessage","账号被锁");
                return "/login";
            }
            catch (IncorrectCredentialsException e) {
                //密码认证失败后shiro自动抛出错误
                model.addAttribute("errorMessage","登录失败");
                return "/login";
            }catch (AuthenticationException e) {
                //登录失败会抛出各种异常
                model.addAttribute("errorMessage","登录失败");
                return "/login";
            }


        }

        return "redirect:/success";
    }
    @RequestMapping("/logout")
    public String logout(){
        Subject subject = SecurityUtils.getSubject();
        //退出操作,清空shiro的认证信息
        subject.logout();
        return "redirect:/";
    }

    @RequestMapping("/success")
    public String success(){
        return "success";
    }

    @RequestMapping("/noPermission")
    public String noPersmission(){
        return "noPersmission";
    }

    /**
     *  @RequiresRoles("admin") 这个注解是shiro提供的
     *  第一个参数是角色,并且是数组的形式
     *  第二个参数:存在多个的是进行逻辑与还是逻辑或
     * @return
     */
    @RequiresRoles(value = {"admin"},logical = Logical.AND)
    @RequestMapping("/admin/test")
    @ResponseBody
    public String testAdmin(){
        return "admin 请求";
    }

    @RequiresRoles("zhangsan")
    @RequestMapping("/user/test")
    @ResponseBody
    public String testUser(){
        return "user 请求";
    }

}
